Utilizing default credentials, an attacker is able to log into the cameras operating system which could allow changes to be made to the operations or shutdown the camera requiring a physical reboot of the system.
The product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.